TLS Server Name Indication/TLS v1.2

I was wondering if the TLS SNI extension could be added to LSWS for support of SSL name-based virtual hosts. It's a pretty recent thing, but for my sites I end up using a certificate with a subjectAltName. I currently self-sign instead of paying for this, as my subjectAltNames change, so I end up reissuing every few months. Supporting TLS SNI would help work around this; most major browsers support TLS SNI.

This would require supporting TLS v1.2, I believe. That wouldn't be a bad thing; TLS v1.0 was barely an upgrade to SSLv3, and TLS v1.1 has been out since 2006, 1.2 out since 2008.

Nothing high priority, but SSL name-based virtual hosting would certainly be a leg up for LSWS.

OpenSSL added support for SNI in version 0.9.8f (at first an optional feature, then it was enabled by default in 0.9.8k). Apache added support for SNI in 2.2.12: wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
(I would make this a hyperlink, but the board won't let me because my post count is low?)

SNI (RFC 4366) can be used as an extension to TLS 1.0 and TLS 1.1; the software just has to support the extension (as you said, all modern browsers do, as well as Apache/OpenSSL). SNI is also rolled into TLS 1.2 (RFC 5246) as you mentioned.

In native configuration or through Apache httpd.conf?
For native configuration, configure an SSL listener with a default certificate, then add a certificate for each vhost that binds to that SSL listener. There should be an SSL tab for vhost configuration.
For Apache vhosts, just let multiple secure sites share one IP.

I'd configured 4 SSL certs for 4 vhosts, and a default cert in the SSL listener. It works great in Windows 7 IE8 as well as Firefox 2, but some users experience a certificate error (the cert is referring to the default cert) because they are using IE 8 on Windows XP, which does not support SNI!!